Debian Linux Security Advisory 2277-1 - It has been discovered that xml-security-c, an implementation of the XML Digital Signature and Encryption specifications, is not properly handling RSA keys of sizes on the order of 8192 or more bits. This allows an attacker to crash applications using this functionality or potentially execute arbitrary code by tricking an application into verifying a signature created with a sufficiently long RSA key.
671c9d059c3eb110c989e5c2032c29907a69a1738a8a70c59d9c414cfb7fe5ffApache Santuario XML Security for C++ library versions prior to 1.6.1 suffer from multiple buffer overflows when signing and verifying large keys.
7d90e9019ddd3fff89b181daaaed2d5e7ba0b2a6e22d003a938dd0aae8c79f8e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed